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FIG. 2 




Master Authority Record 



Authority Record 1 



Authority Record n 



Security Partition (SP) Data 



OS File System 



FIG. 3 



76 



70 




SPPasscode 



SPPublicKey Pair Out 



SPPublicKey Pair In 



. SPSymmetric Key 



56 



Sf^Authority - R/W Access Rights 
SPName 



WriteQ>K^e V Write Over | WriteAny 
ReadCur ^ ReadAny | Hidden Read 
Start, End Time, Erase at End 
SP DataEncrypt YES | NO 
SPData Start, Record Size, and Number 



SPData 
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FIGURE 5 



Authority Source (See AuthSet Call) 



Field 
SPName 



N Bit Size Byte Size 



Note 



Internal 



External 



Root 



SPPasscode 
SPPublicKey-Out 

SPPrivateKey-Out 

SPPublicKey-ln 
SPPrivateKey-ln 

SPSymKey 

SPNonce 

SPAuthSource (Internal \ External ( 
Special) 

SPDataWriteMode (WriteOnce 1 
WriteOver | WriteAny) 

SPDataReadMode (ReadCur ] 
ReadAny [ Hidden) 
SPDataEncrypt (YES I NO) 
SPStartTime 
SPEndTime 

SPEraseAtExpiration (YES | NO) 

SPNumberofRecords 

SPRecordSIze 

SPCurrentRecord 

SPDataStart (an absolute disk 

address) 

SPAuthority SPName (reader, 
writer, admin, encrypted passcode, 



64 



^oo 


Oil rirst byte 


In From Set 


InFrom Set 


InFrom Set 




Null 








128 


16 


InFrom CSet, 


InFrom CSet, 


InFrnm PSpt 






Hidden 


Hidden 


Hidden 


4096 


512 


OutFrom Set 


InFrom CSet, 


OutFrom Set 








OutFrom Set 




4096 


512 


Hidden 


InFrom Set, 


Hidden 








Hidden 




4096 


512 


OutFrom Set 


InFrom Cset 


OutFrom Set 


4096 


512 


Hidden 


InFrom CSet, 


Hidden 








Hidden 




1024 


128 


Hidden 


InFrom CSet, 


Hidden 








Hidden 




2048 


256 avoid replay 


In I Out from 


[in 1 Out from 


In I Out frnm 9pt 

111 J \,^Ul II^JIII OCl 




attacks 


Set 


|set 




2 


0.25 


Not Applicable 


Not Applicable 


Not Applicable 


2 


0.25 


InFrom Set 


InFrom Set 


WriteAny 


2 


0.25 


InFrom Set 


InFrom Set 


ReadAny 


1 


0.125 


InFrom Set 


InFrom Set 


InFrom Set 


128 


16 


InFrom Set 


InFrom Set 


InFrom Set 


128 


16 


InFrom Set 


InFrom Set 


InFrom Set 


1 


0.125 


InFrom Set 


InFrom Set 


InFrom Set 


64 


8 


InFrom Set 


InFrom Set 


InFrom Set 


64 


8 


InFrom Set 


InFrom Set 


min 3270 


64 


8 


InFrom Set 


InFrom Set 




768 


96 


Hidden 


Hidden 


Hidden 



32 



256 First Byte 
Encodes 



InFrom Set 



InFrom Set 



(1,1,1,1,1,1...) 



..>,w>, ^ 

Total Bytes in One Auth Record 


21,096 


2,889 


Rounded Up 




3,072 6 Disk Blocks 


SPData (the disk address for this is 


SPRecSize 


193,536 is Other 


usually not contiguous with the 


* NumRecs 


3,072*63 Authorities 


authority record). 




for the will have 






Root Data other Sizes 



FIGURE 6 



Field 


Bits 


Bytes 


Example 


Notes 




SPMagic 


32 


4 


XF27F 






SPOffset 


32 


4 


1844 


header size may increase by 










more tlian one 6\sW begin-end 












storagelimit item 




SPVersion 


32 


4 


1.01 


text 




SPCryptoSuite 


128 


16 


RSA+RAJ 


text 


Fixed in the Preferred 






D++ 




Embodiment 


SPVendor 


128 


16 


Foobar 


text 










Corp. 






SPNumAuths 


32 


4 


64 






SPAuthSize 


32 


4 


6 


In 512 Byte Blocks 




SPRootPublicKeyIn 


4096 


512 






From Root Auth Record 


SPRootNonce 


2048 


256 






Synthesized on demand 


SPStorageLimits 


8192 


1024 




Begin/End Absolute Disk 
Locations 


Synthesized from Auth 
Records 



Note: Authority Partition Header is typically not writeable. 



FIGURE? 



Call 






Arguments Notes 








Calls that Read i 


and Write Authority Records 




SPAuthHeader 


AuthHeader 


Returns Header 




SPSet 


Name 


Passcode CertlN 


CertOut AuthRecord View i Modify i Add i Sets values for an authority 


requires 








Delete 


Admin 










pnviledge 


SPCSet 


Name 


Passcode CertlN 


CertOut AuthRecord View i Modify [ Add i Secure Setting of values for 


requires 








Delete authority, utilizes public key 


Admin 










pnviledge 


Calls that permit conventional Read and Write of Authority Data Records 


SPOpen 


Name 


Passcode CertlN 


CertOut AuthRecord Duration in Opens an SDpartition for 








Microseconds authorized read and write 




SPCIose 


Name 


Passcode CertlN 


CertOut AuthRecord Closes an Sdpartitton for 










authonzed read and wnte 




Calls that utilize SP's ability to hide secrets and hide basic cryptography 


SPSignThis 


Name 


Passcode CertlN 


CertOut DatatoSign PnvateKeyLocation SignedData(returned) 




SPCheckThls 


Name 


Passcode CertlN 


CertOut DatatoCheck PnvateKeyLocation Check(returned) 




SPProtRead 


Name 


Passcode CertlN 


CertOut Data (returned) MyPublicKey Location 




SPProtWrite 


Name 


Passcode CertlN 


CertOut Data MyPublicKey Location Location 


SPSuccess 










(returned) 


SPHashThis 


Name 


Passcode CertlN 


CertOut DatatoHash Hash (returned) Location to Store 





Note.: Locations above are possibly complex in that they can specify other authonty records that this authority has the right to 
read or wnte. So the location may be Name.RecordNumber, in general. 



FIGURE 8 



Error 


Code 


Notes 


SPSuccess 


0 




SPBad CertificatelN 


1 


Certificate In Failure 


SPBad CertificateOUT 


2 


Certificate Out Failure 


SPBad Name 


3 


Name not found 


SPBad Passcode 


4 


Passcode failed 


SPNo PublicKey-Out 


5 


For External Authority 


SPNo Publickey-ln 


6 


For External Authority 


SPNo PrivateKey-Out 


7 


For External Authority 


SPNo PrivateKev-ln 


8 


For External Authority 


SPNoAuthority 


9 


You can't do this 


SPPartition Full 


10 


The SP Partition is Full and writeover is not turned on 


SPNo Space For Partition 


11 


You can't create this partition, no continguous space 


SPNo Security Support 


12 


SP Security Turned off on this device - Header Fail 


SPRead Failure 


13 


Special SP Read Failed 


SPWrite Failure 


14 


Special SP Write Failed 



